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DETAILED ACTION 



1. The application has been examined. Claims 1-20 are pending in this Office 



2. Applicant is reminded of the proper language and format for an abstract of the 
disclosure. 

The abstract should be in narrative form and generally limited to a single 
paragraph on a separate sheet within the range of 50 to 150 words. It is important that 
the abstract not exceed 150 words in length since the space provided for the abstract 
on the computer tape used by the printer is limited. The form and legal phraseology 
often used in patent claims, such as "means" and "said," should be avoided. The 
abstract should describe the disclosure sufficiently to assist readers in deciding whether 
there is a need for consulting the full patent text for details. 

The language should be clear and concise and should not repeat information 
given in the title. It should avoid using phrases which can be implied, such as, "The 
disclosure concerns," "The disclosure defined by this invention," "The disclosure 
describes," etc. 



Action. 



Specification 
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Claim Rejections - 35 USC § 102 



3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

4. Claims 1-5, 7-10, and 15-17, and 20 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Bernhard et al. U.S. Patent No. 6,275,942 ('Bernhard' hereinafter). 

5. With respect to claim 1 , Bernhard teach a directory-enabled network element 
(see abstract; col. 9, lines 59-67 to col. 10, lines 1-61). 

6. Bernhard teach claim 2 rejected as above rejecting claim 1 , further comprising a 
directory enabling element installed in an executed by the network element, and 
configured to query, access, and update directory information that is managed by a 
directory service of a network that includes the network element (see col. 9, lines 59-67 
to col. 10, lines 1-61; col. 11, lines 66-67 to col. 12, lines 1-41). 

7. Bernhard teach claim 3 rejected as above in rejecting claim 2, further comprising 
an application programming interface coupled to the directory enabling element and 
configured to receive directory services requests from application programs and provide 
the directory services requests to the directory enabling element (see col. 4, lines 1 1-39; 
col. 10, lines 20-61; col. 15, lines 24-67 to col. 16, lines 1-43). 
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8. Referring to claim 4, Bernhard disclose a directory-enabled network comprising: 
a directory enabling element installed in and executed by the network element, 

and configured to query, access, and update directory information that is managed by a 
directory service of a network that includes the network element (see col. 1 1 , lines 66- 
67 to col. 12, lines 1-41); 

an application programming interface coupled to the directory enabling element 
and configured to receive directory services requests from application programs and 
provide the directory services requests to the directory enabling element. 

a locator service coupled to the directory enabling element and accessible using 
the application programming interface and configured to locate servers that provide the 
directory services in the network (see col. 4, lines 1 1-29; col. 10, lines 20-61; col. 15, 
lines 24-67 to col. 16, lines 1-43). 

9. Bernard teach claim 5 rejected as above in rejecting claim 2, further comprising a 
bind service in the directory enabling element and coupled to a security protocol and 
configured to bind an external application program to the security protocol (see col. 4, 
lines 12-48; col. 11, lines 9-33). 

10. Bernhard teach claim 7 rejected as above in rejecting claim 2, further comprising: 
a locator service coupled to the directory enabling element and configured to 

locate servers that provide the directory services in the network (see col. 4, lines 1 1-39; 
col. 10, lines 20-61; col. 15, lines 24-67 to col. 16, lines 1-43); 

an event service coupled to the directory enabling element and configured to 
receive registration of an event and an associated responsive action from an application 
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program, notify the application program when the event occurs, and execute the 
associated responsive action in response thereto (see col. 4, lines 11-39; col. 10, lines 
20-61; col. 15,lines 24-67 to col. 16, lines 1-43). 

1 1 . Bemhard teach claim 8 rejected as above in rejecting claim 4, further comprising: 
a locator service coupled to the directory enabling element and configured to 

locate servers that provide the directory services in the network (see col. 4, lines 1 1-39; 
col. 10, lines 20-61; col. 15, lines 24-67 to col. 16, lines 1-43); 

an event service coupled to the directory enabling element and configured to 
receive registration of an event and an associated responsive action from an application 
program, notify the application program when the event occurs, and execute the 
associated responsive action in response thereto (see col. 4, lines 1 1-39; col. 10, lines 
20-61; col. 15,lines 24-67 to col. 16, lines 1-43). 

12. Bernhard teach claim 9 rejected as above in rejecting claim 2, further comprising: 
a locator service coupled to the directory enabling element and configured to 

locate servers that provide the directory services in the network (see col. 4, lines 1 1-39; 
col. 10, lines 20-61; col. 15, lines 24-67 to col. 16, lines 1-43); 

a group policy interface coupled to the directory enabling element and configured 
to receive and update the directory service with one or more definitions of directory 
services policies that apply to groups of network devices in the network (see col. 12, 
lines 7-42). 
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13. Bernhard teach claim 10 rejected as above in rejecting claim 5, further 
comprising: 

an event service coupled to the directory enabling element and accessible using 
the application programming interface and configured to receive registration of an event 
and an associated responsive action from an application program, notify the application 
program when the event occurs, and execute the associated responsive action in 
response thereto (see col. 4, lines 11-39; col. 10, lines 20-61; col. 15,lines 24-67 to col. 
16, lines 1-43). 

14. With respect to claim 15, Bernhard teach a method of using a directory-enabled 
network element to query, access, or update directory information of a directory service 
of a network that includes the directory-enabled network element, wherein the directory- 
enabled network element comprises a directory enabling element installed in and 
executed by the network element, and configured to query, access, and update 
directory information that is managed by a directory service of a network that includes 
the network element (see abstract; col. 9, lines 59-67 to col. 10, lines 1-61 ; col. 1 1 , lines 
66-67 to col. 12, lines 1-41); the method comprising the steps of: 

binding the application program to the security protocol (see col. 4, lines 12-48; 
col. 11, lines 9-33); 

creating an event and an associated responsive action that are associated with 
the application program (see col. 15, lines 24-62); 

in response to occurrence of the event, executing the responsive action, 
obtaining policy information from the directory service, and converting the policy 
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information into one or more commands that are executable by the directory-enabled 
network element (see col. 13, lines 20-67 to col. 14, lines 1-6). 

15. With respect to claim 16, Bemhard teach a computer-readable medium carrying 
one or more sequences of instructions for using a directory-enabled network element to 
query, access, or update directory information of a directory service of a network that 
includes the directory-enabled network element (see col. 9, lines 59-67; col. 1 1 , lines 
66-67 to col. 12, lines 1-41; col. 15, lines 24-67 to col. 16, lines 1-43), wherein execution 
of the one or more sequences of instructions by one or more processors causes the one 
or more processors to perform the steps of: 

creating and storing a directory enabling element installed in and executed by the 
network element, and configured to query, access, and update directory information that 
is managed by a directory service of a network that includes the network element (see 
col. 9, lines 59-67; col. 11, lines 66-67 to col. 12, lines 1-41; col. 15, lines 24-67 to col. 

16, lines 1-43). 

binding the application program to the security protocol (see col. 4, lines 1-48; 
col. 11, lines 9-33); 

creating an even and an associated responsive action that are associated with 
the application program (see col. 15, lines 24-62); 

in response to occurrence of the event, executing the responsive action, 
obtaining policy information from the directory service, and converting the policy 
information into one or more commands that are executable by the directory enabled 
network element (see col. 13, lines 20-67 to col. 14, lines 1-6). 
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16. Bernhard teach claim 17 rejected as above in rejecting claim 16, further 
performing the steps of: 

locating a nearest directory server and binding the application program to the 
nearest directory server that is located (see col. 4, lines 12-39; col. 5, lines 8-24); 

locating a nearest event server and binding the application program to the 
nearest event server that is located (see col. 5, lines 8-24; col. 15, lines 24-67 to col. 16, 
lines 1-41). 

17. Bernhard teach claim 20 rejected as above in rejecting claim 16, further wherein 
execution of the one or more sequences of instructions by one or more processors 
causes the one or more processors to perform the further steps of establishing an 
application programming interface coupled to the directory enabling element and 
configured to receive directory services requests from application programs and provide 
the directory services requests to the one or more processors (see col. 6, lines 9-54; 
col. 12, lines 43-67 to col. 13, lines 1-6; col. 15, lines 52-67 to col. 16, lines 1-43). 



Claim Rejections - 35 USC § 103 

18. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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19. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over Bernhard 
et al. U.S. Patent No. 6,275,942 ('Bernhard' hereinafter) in view of Day, II et al. U.S. 
Patent No. 5,968,116 ('Day, II' hereinafter). 

20. Bernhard teach claim 6 rejected as above in rejecting claim 2. 

Bernhard does not explicitly disclose a Unicode translation service configured to 
query, access, and update directory information that is encoded in a Unicode 
international character format. 

Day, II teach a Unicode translation service configured to query, access, and 
update directory information that is encoded in a Unicode international character format 
(see col. 6, lines 13-31). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of Day, II within the system of Bernhard 
because both references are directed to a directory-enabled network element, and 
because the implementation of the Unicode translation service of Day, II in Bernhard 
would allow for the data within the directory to be effectively transported through the 
network without corruption, further improving the reliability of the directory information 
that is encoded in a Unicode international character format. 

21 . Claims 11-14 are rejected under 35 U.S.C. 102(e) as being anticipated by U.S. 
Patent No. 6,400,707 issued to Baum et al. ('Baum' hereinafter). 

22. With respect to claim 1 1 , Baum teach a directory-enabled packet router for a 
packet-switched network (see col. 3, lines 48-64). 
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23. Baum teach claim 12 rejected as above in rejecting claim 1 1 , further comprising: 
a directory enabling element installed in and executed by the router, and 

configured to query, access, and update directory information that is managed by a 
directory service of a network that include the router (see col. 3, lines 48-67 to col. 4, 
lines 1-14); 

a bind service in the directory enabling element and coupled to a security 
protocol and configured to bind an application program to the security protocol (see col. 
3, lines 48-67, col. 4, lines 1-63; co. 6, lines 66-67 to col. 7, lines 1-24); 

an event service coupled to the directory enabling element and accessible using 
the application programming interface and configured to receive registration of an event 
and an associated responsive action from an application program, notify the application 
program when the even occurs, and execute the associated responsive action in 
response thereto (see col. 7, lines 25-64). 

24. With respect to claim 13, Baum teach a directory-enabled network data switch for 
a packet-switched network (see abstract; col. 2, lines 60-67 to col. 3, lines 1-12, 41-64). 

25. Baum teach claim 14 rejected as above in rejecting claim 13, further comprising: 
a directory enabling element installed in and executed by the switch, and 

configured to query, access, and update directory information that is managed by a 
directory service of a network that includes the switch (see col. 3, lines 48-67 to col. 4, 
lines 1-14); 
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a bind service in the directory enabling element and coupled to a security 
protocol and configured to bind an application program to the security protocol (see col. 
3, lines 48-67 to col. 4, lines 1-63; col. 6, lines 66-67 to col. 7, lines 1-24); 

an event service coupled to the directory enabling element and accessible using 
the application programming interface and configured to receive registration of an event 
and an associated responsive action from an application program, notify the application 
program when the event occurs, and execute the associated responsive action in 
response thereto (see col. 7, lines 25-64). 

26. Claims 1 8-1 9 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Bernhard et al. U.S. Patent No. 6,275,942 ('Bernhard' hereinafter) in view of Nessett et 
al. U.S. Patent No. 5,968,176 ('Nessett' hereinafter). 

27. Bernhard teach claim 18 rejected as above in rejecting claim 16. 

Bernhard does not explicitly disclose a virtual private network is created between 
the router and another network device. 

Nessett teach translating the policy information into one or more values that are 
ready to apply to a router, whereby a virtual private network is created between the 
router and another network device (see col. 14, lines 31-47; col. 15, lines 6-67). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of Nessett within the system of Bernhard 
to arrive at the invention as claimed because both references are directed to a 
computer-readable medium, and because the implementation of virtual private network 
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would increase the level of protection of the packets that are moved between the source 
and destination, further preserving the integrity of the data within the directory-enabled 
network element. 

28. Bemhard teach claim 19 rejected as above in rejecting claim 16. 

Bernhard does not explicitly disclose a set of internal data structures of a router 
and a dynamic IPSEC configuration. 

Nessett teach translating the policy information into one or more values that are 
ready to apply to a set of internal data structures of a router, by calling one or more 
internal NOS API functions, whereby a dynamic IPSEC configuration is created that 
connects the router and at least one other network device (see col. 10, lines 24-59; col. 
13, lines 51-67 to col. 14, lines 1-51). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teachings of Nessett within the system of Bernhard 
to arrive at the invention as claimed because both references are directed to a 
computer-readable medium, and because the implementation of IPSEC configuration 
would increase the level of protection of the communication that occurs between the 
router and one other network device, effectively ensuring the secure packet exchanges 
at the IP layer, and further improving the security of the communication interface of the 
combined system. 
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Conclusion 



The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Dugan et al. (U.S. Patent No. 6,275,942) disclose a telecommunications 
switching network. 

Ganguly et al. (U.S. Patent No. 6,345,266) disclose a distributed directory service 
that is constructed based on a predicate, i.e., a query from a client. 

Lidnisky et al. (U.S. Patent No. 4,897,874) disclose a metropolitan area network 
arrangement for serving virtual data networks. 

Day, II (U.S. Patent No. 6,430,596) disclose a network management service for 
facilitating the management of networked devices by network management applications. 

Coley et al. (U.S. Patent No. 6,061 ,798) teach a firewall system for protecting 
network elements connected to a public network. 

Coley et al. (U.S. Patent No. 5,826,014) teach a firewall system for protecting 
network elements connected to a public network. 

He (U.S. Patent No. 5,944,824) teach a system and method for single sign-on to 
a plurality of network elements. 

Day II (U.S. Patent Pub. No. 202/0046260) discloses a network management 
service for facilitating the management of networked devices by network management 
applications. 

Moses et al. (U.S. Patent No. 6,499,1 10) disclose a method and apparatus for 
facilitating information security policy control on a per security engine user basis. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ahmedur Ali whose telephone number is 305-4667. The 
examiner can normally be reached on 8:30am - 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examinees 
supervisor, Ayaz Sheikh can be reached on 305-9648. The fax phone numbers for the 
organization where this application or proceeding is assigned are 305-3718 for regular 
communications and 305-3718 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 305-3900. 

ara 

August 1 1 , 2003 




